<?php

include "global.php"; // Get Configuration
getsettings();

if (isset($_POST["doaction"]) && $_POST["doaction"] == "volunteers_password")
{
	$email = sql_safe($_POST["username"]);
	if ($email != "")
	{
		list($fname,$lname,$password) = $DB_site->query_first("SELECT fname,lname,password FROM volunteers WHERE email='$email'");
		if ($password != "")
		{
			eval("\$message = \"".gettemplate('lost_password_email')."\";");
			send_email($do_not_reply_email,$email,"Lost password from $website_title",$message);
			$msg = "Login information has been sent to your email address. Please check your inbox.<br />";
		}
		else
		{
			$msg = "This e-mail address is not registered.<br />";
		}
		echo $msg;
		exit;
	}
	else
		$login_msg = "Please enter your username to recover password.<br />";
}

if (isset($_POST["doaction"]) && $_POST["doaction"] == "login")
{
	$email = sql_safe($_POST["username"]);
	$password = sql_safe($_POST["password"]);
	$flag = 0;
	$login_msg = "Following Error(s) Occured during Login:<br />";
	
	if ($email != "" AND $password != "")
	{
			list($member_id,$member_email) = $DB_site->query_first("SELECT id,email from volunteers where email='$email' AND password='$password' AND account_status ='Active'");
			if ($member_id != "")
			{
				srand((double)microtime()*1000000);
				$session_id = md5(uniqid(rand()));
				$session_id = addslashes($session_id);
				$result = $DB_site->query("DELETE FROM sessions WHERE email='$member_email' AND member_type='volunteer'");
				$result = $DB_site->query("INSERT INTO sessions (member_id,email,member_type,session_id,logout_time) 
						          	                 VALUES('$member_id','$member_email','volunteer','$session_id',DATE_ADD(now(), INTERVAL $session_logout MINUTE))
                              ");
				setcookie("sess",$session_id,time()+$session_logout*60);
			}
			else
			{
        $flag = 1;
        $login_msg.="If you’re not registered, please Register below. If registered, please check and try again.<br />";
      }
	}
	else
	{
      $flag = 1;
      $login_msg.="Please enter both email and password to login.<br />";
	}
	
	if ($flag == 0)
	{
?>
<html>
<head>
<title>Loading..Please wait.</title>
<meta http-equiv="Refresh" CONTENT="0; URL=<?php echo $website_volunteers_overview?>?sess=<?php echo $session_id?>">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body bgcolor="#FFFFFF">
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td>
      <div align="center"><font face="Arial, Helvetica, sans-serif" size="1">Loading..Please 
        wait.. <a href="<?php echo $website_volunteers_overview?>?sess=<?php echo $session_id?>">Click here</a> if nothing happens</font></div>
    </td>
  </tr>
</table>
</body>
</html>
<?php  
  exit;
  }
}
?>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
        <link rel="stylesheet" type="text/css" href="eweek.css" />
    </head>
    <body>
	 <?php require("header.php"); ?>
	 <section>

            
        <form method="POST" id="login">
            <h1>Log in</h1> 
            <fieldset>
				 <input type="hidden" name="doaction" value="login">
                 <label for="username"> Username : </label>
                 <input id="username" name="username" required type="text" placeholder="mymail@mail.com"/><br>
                 <label for="password"> Password : </label>
                 <input id="password" name="password" required type="password" placeholder="eg. X8df!90EO" /> <br/>
                 <input type="submit" value="Login" /> <a href="#" onClick="document.getElementById('login').doaction.value='volunteers_password';document.getElementById('login').submit();return false;">Forgot Password?</a><br>
             </fieldset>
            <div class="line-separator"></div><br>
			<?php echo($login_msg); ?>
            <div class="change_link">Not registered yet ?<a href="registration.php">Register</a><div class="rchange_link">I am teacher?<a href="teachers.php">Login here</a></div> 
            </div>			
        </form> 
            
        </section>
       <?php require("footer.php"); ?>
    </body>
</html>
